top of page

Privacy Policy — CrazyForCoral

Effective date: September 4, 2025
Last updated: September 4, 2025
Contact: info@crazyforcoral.com — for privacy requests, data access, or questions.

Welcome — we’re CrazyForCoral, an online retailer of marine corals and related aquarium products. This Privacy Policy explains what personal information we collect, how we use and share it, your rights, and how we keep your data safe. Because trade in many coral species is regulated, we also explain how legal and permitting requirements may affect how we collect and share information about orders.

1. Scope & who we are

This policy applies to personal data collected when you interact with our website (https://www.crazyforcoral.com), mobile services, email, or when you purchase from us or contact customer service. “We”, “us”, and “our” means CrazyForCoral, a company registered in the United Kingdom. This policy describes how we handle personal data for customers in any jurisdiction; where local law provides additional rights (for example EU/EEA, UK, or California), those rights are described below.

 

2. Information we collect

We collect the categories of personal information listed below as necessary to operate the business and to comply with applicable laws:

Account & identity data

  • Full name, username, email address, billing and shipping addresses, telephone number.

Order & transaction details

  • Items ordered (including species information when applicable), order number, payment transaction identifiers, invoices, refunds, and order history.

Payment information

  • We do not store full card numbers on our servers. Payment card data is processed by third-party payment processors (for example Stripe or PayPal) and we only retain processor-provided tokens and transaction metadata necessary for refunds and accounting.

Regulatory / permit information

  • Where required for legal import/export permits, customs clearance, or wildlife documentation (for example when selling regulated coral species), we may collect and share purchaser details and shipment information needed to obtain or comply with permits.

Technical & usage data

  • IP address, device type, browser type and settings, cookie identifiers, pages viewed, search queries, referral source, and analytics data.

Communications

  • Records of communications with our customer support team, email content you send to us, and your marketing preferences.

Optional / sensitive

  • We will not intentionally collect special category personal data (such as health or biometric data) unless you provide it voluntarily. If you are in a jurisdiction where certain categories of personal data are treated as sensitive (for example under California law), those categories are described below.

 

3. How we use your information (purposes)

We use personal information for the following purposes:

  • To fulfill orders: process and ship purchases, prepare customs paperwork and permits when required, provide invoices, and handle returns or exchanges.

  • Legal & regulatory compliance: obtain or provide information for export/import permits, wildlife trade documentation, and to respond to lawful requests from authorities.

  • Payments & fraud prevention: process payments, perform transaction reconciliation, detect and prevent fraud, and enforce our terms.

  • Customer service: respond to inquiries, manage complaints, and handle warranty or support requests.

  • Marketing: send newsletters and promotional offers where you have consented or where lawful; you can opt out at any time.

  • Improvement & analytics: analyse site usage, improve our products and services, monitor performance and security.

  • Legal claims & protection: defend legal rights, comply with litigation or regulatory requests, and protect the safety of users and the public.

Legal bases (EU/GDPR) — For customers in the EU/EEA/UK, we rely on one or more legal bases to process personal data: contract performance (processing necessary to fulfil your order), compliance with legal obligations (permits/exports), legitimate interests (fraud prevention, service improvements), and consent (where required, for example some marketing cookies and direct marketing by email).

 

4. Sharing & third parties

We may share personal data with the following categories of recipients:

  • Logistics & carriers: to deliver orders and complete customs paperwork (examples: DHL, UPS, Royal Mail — replace with your actual carriers as applicable).

  • Payment processors: to process transactions (examples: Stripe, PayPal — replace with your actual payment providers).

  • Regulatory authorities: customs, wildlife trade authorities, or other agencies when required for permits, export/import compliance, or investigations.

  • Service providers: hosting, email delivery, CRM, analytics, and marketing providers that process data on our behalf.

  • Legal / law enforcement: when required to comply with laws or to protect rights.

  • Business transfers: in connection with a sale, merger, reorganisation, or acquisition of assets, subject to confidentiality protections.

We require third parties to process personal data only on our instructions and to maintain appropriate security measures.

5. International transfers

Our servers or service providers may be located outside your country. When we transfer personal data internationally we use appropriate safeguards (for example standard contractual clauses or other lawful mechanisms) and seek to comply with applicable data protection laws.

 

6. Data retention

We retain personal data as long as necessary to provide services and to comply with legal obligations (including recordkeeping for regulated wildlife transactions, customs, and tax). For regulatory transactions (permits, export/import records), we may retain records longer if required by law or to defend against potential claims.

 

7. Your rights

Depending on your jurisdiction, you may have the following rights:

  • Access: request a copy of personal data we hold about you.

  • Correction: request correction of inaccurate information.

  • Deletion: request deletion of your personal data (subject to legal exceptions such as records we must retain for permits, taxes, or legal claims).

  • Portability: receive a copy of your data in a commonly used format.

  • Restriction / objection: request limitation of processing or object to certain uses.

  • Withdraw consent: where processing is based on consent.

  • California residents: additional rights such as the right to know, delete, and opt-out of sale/sharing of personal information under California law.

To exercise your rights, email us at privacy@crazyforcoral.com with “Privacy Request” and provide sufficient information (for example order number and email address) so we can locate your records. We will verify requests as required by law.

 

8. Cookies & tracking

We use cookies and similar technologies to provide essential site functions, remember preferences, analyse usage, and deliver marketing. You can manage cookie preferences via our cookie banner or through your browser settings. For full details, see our separate Cookie Policy on the website.

 

9. Security

We implement reasonable technical and organisational measures to protect personal data (for example encryption in transit, access controls, and vendor security requirements). No internet system can be guaranteed 100% secure; in the event of a data breach affecting personal data we will follow applicable breach-notification laws and notify affected individuals as required.

 

10. Children

Our services are intended for adults. We do not knowingly collect personal information from children under 16 (or a higher age required by local law). If you believe a child under that age has provided us with personal data, contact us at privacy@crazyforcoral.com and we will take steps to delete it.

 

11. Special note — coral trade, permits & documentation

Many coral species are regulated under international and national trade rules. Orders containing regulated coral species may require permits, declarations, or additional documentation. We will inform you if an item you order requires permits or extra paperwork. To comply with those rules we may need to share purchaser, seller and shipment details with authorities, customs agents, or permit-issuing bodies. We will only disclose the minimum information necessary for compliance.

 

12. Changes to this policy

We may update this policy from time to time. We will post material changes with an updated Effective Date on this page and, where required by law, obtain consent or provide advance notice.

 

 

13. Contact & enforcement

For questions, privacy requests, or to report concerns:
Email: privacy@crazyforcoral.com
Mail: CrazyForCoral, 10 Seabreeze Wharf, London, United Kingdom

If you are an EU/EEA/UK resident and believe we have violated applicable data protection law, you have the right to lodge a complaint with your supervisory authority.

 

14. Quick privacy choices

  • Marketing opt-out: click “unsubscribe” in marketing emails or update preferences in your account.

  • Cookie choices: adjust via the cookie banner or your browser settings.

  • Data requests (access/deletion/portability): email privacy@crazyforcoral.com with “Privacy Request” and your account/order details.

Notes & next steps

  • The document above uses example company contact details (CrazyForCoral, privacy@crazyforcoral.com, 10 Seabreeze Wharf). Replace these with your actual legal company name, address, and contact details before publishing.

  • Also replace example third-party providers (payment processors, carriers) with the actual vendors you use.

If you’d like, I can now update this document with your real company name, address, contact email, specific payment and shipping providers, and any jurisdiction-specific language you need. Just paste the details here and I’ll update the policy.

bottom of page